/**
  * Action to handle deleting of a single file
  *
  * @param HTTPRequest $request
  * @return HTTPResponse
  */
 public function delete(HTTPRequest $request)
 {
     // Guards run in a fixed order: field state, security token, item
     // lookup, item type, item permission. The file is deleted only when
     // every guard has passed.

     // A disabled or read-only field refuses the action outright.
     $fieldLocked = $this->parent->isDisabled() || $this->parent->isReadonly();
     if ($fieldLocked) {
         return $this->httpError(403);
     }

     // Deletion is destructive, so the request must carry the security
     // token of the form that owns this field (CSRF protection).
     $csrfToken = $this->parent->getForm()->getSecurityToken();
     if (!$csrfToken->checkRequest($request)) {
         return $this->httpError(400);
     }

     // Resolve the target record; nothing to act on means "not found".
     $file = $this->getItem();
     if (!$file) {
         return $this->httpError(404);
     }

     // Folders are never deleted through this action, and any other item
     // must grant delete permission itself. Either refusal is a 403.
     if ($file instanceof Folder || !$file->canDelete()) {
         return $this->httpError(403);
     }

     // NOTE(review): nothing in this method ties $file to the files this
     // field manages; confirm that getItem() scopes the lookup.
     $file->delete();

     return null;
 }
示例#2
 /**
  * Action to handle deleting of a single file
  * 
  * @param SS_HTTPRequest $request
  * @return SS_HTTPResponse
  */
 public function delete(SS_HTTPRequest $request)
 {
     // Guards run in a fixed order: field state, security token, item
     // lookup, item permission. No value is returned on success.

     // A disabled or read-only field refuses the action outright.
     $fieldLocked = $this->parent->isDisabled() || $this->parent->isReadonly();
     if ($fieldLocked) {
         return $this->httpError(403);
     }

     // Deletion is destructive, so the request must carry the security
     // token of the form that owns this field (CSRF protection).
     $csrfToken = $this->parent->getForm()->getSecurityToken();
     if (!$csrfToken->checkRequest($request)) {
         return $this->httpError(400);
     }

     // Resolve the target record; nothing to act on means "not found".
     $file = $this->getItem();
     if (!$file) {
         return $this->httpError(404);
     }

     // The item itself decides whether the current user may delete it.
     if (!$file->canDelete()) {
         return $this->httpError(403);
     }

     // NOTE(review): canDelete() is the only authorisation on the item;
     // nothing here checks that $file belongs to this field's own set of
     // files. Confirm that getItem() restricts the lookup.

     // Removes the file from the filesystem; per the original author, the
     // relation entry only goes away when the owning record is saved.
     // @todo Investigate if references to deleted files (if unsaved) is dangerous
     $file->delete();
 }
示例#3
 /**
  * Action to handle deleting of a single file
  * 
  * @param SS_HTTPRequest $request
  * @return SS_HTTPResponse
  */
 public function delete(SS_HTTPRequest $request)
 {
     // Guards run in a fixed order: field state, security token, item
     // lookup, item permission, relation membership. No value is returned
     // on success.

     // A disabled or read-only field refuses the action outright.
     $fieldLocked = $this->parent->isDisabled() || $this->parent->isReadonly();
     if ($fieldLocked) {
         return $this->httpError(403);
     }

     // Deletion is destructive, so the request must carry the security
     // token of the form that owns this field (CSRF protection).
     $csrfToken = $this->parent->getForm()->getSecurityToken();
     if (!$csrfToken->checkRequest($request)) {
         return $this->httpError(400);
     }

     // Resolve the target record; nothing to act on means "not found".
     $file = $this->getItem();
     if (!$file) {
         return $this->httpError(404);
     }

     // The item itself decides whether the current user may delete it.
     if (!$file->canDelete()) {
         return $this->httpError(403);
     }

     // Object-level permission is not enough: when the field manages a
     // relation, the file must also be one of the field's own items, so a
     // request cannot name an arbitrary deletable file by ID.
     $fieldItems = $this->parent->getItems();
     $outsideRelation = $this->parent->managesRelation() && !$fieldItems->byID($file->ID);
     if ($outsideRelation) {
         return $this->httpError(403);
     }

     // Detach from the relation first, then delete the file itself.
     // NOTE(review): remove() receives the same request; its own checks
     // are not visible here.
     $this->remove($request);
     $file->delete();
 }
示例#4
	/**
	 * @param array $data
	 * @param Form $form
	 * @param SS_HTTPRequest $request
	 */
	public function doEdit(array $data, Form $form, SS_HTTPRequest $request) {
		// Form action that saves the submitted edit form into the item and
		// redirects back. Guards run in order: field state, item lookup,
		// edit permission, relation membership.
		// NOTE(review): no security-token check appears in this method;
		// presumably the Form validates its token before dispatching to
		// this action - confirm.

		// A disabled or read-only field refuses the action outright.
		$fieldLocked = $this->parent->isDisabled() || $this->parent->isReadonly();
		if($fieldLocked) {
			return $this->httpError(403);
		}

		// Resolve the target record; nothing to act on means "not found".
		$file = $this->getItem();
		if(!$file) {
			return $this->httpError(404);
		}

		// The item itself decides whether the current user may edit it.
		if(!$file->canEdit()) {
			return $this->httpError(403);
		}

		// When the field manages a relation, the item must also be one of
		// the field's own items, not merely something the user may edit.
		$fieldItems = $this->parent->getItems();
		$outsideRelation = $this->parent->managesRelation() && !$fieldItems->byID($file->ID);
		if($outsideRelation) {
			return $this->httpError(403);
		}

		// Copy the submitted values onto the item and persist it.
		// NOTE(review): what can be changed depends on the fields the edit
		// form defines, which are not shown here.
		$form->saveInto($file);
		$file->write();

		$form->sessionMessage(_t('UploadField.Saved', 'Saved'), 'good');

		return $this->parent->getForm()->Controller()->redirectBack();
	}